@@ -129,7 +129,7 @@ public final class GpgConfLoader implements Loader {
129129 *
130130 * @see <a href="https://wiki.gnupg.org/LargeKeys">Large Keys</a>
131131 */
132- private static final long MAX_SIZE = 64 * 1024 + 1L ;
132+ private static final long MAX_SIZE = 64 * 1000 + 1L ;
133133
134134 @ Override
135135 public byte [] loadKeyRingMaterial (RepositorySystemSession session ) throws IOException {
@@ -143,7 +143,7 @@ public byte[] loadKeyRingMaterial(RepositorySystemSession session) throws IOExce
143143 if (Files .size (keyPath ) < MAX_SIZE ) {
144144 return Files .readAllBytes (keyPath );
145145 } else {
146- throw new IOException ("Refusing to load file " + keyPath + "; is larger than 64KB " );
146+ throw new IOException ("Refusing to load file " + keyPath + "; is larger than 64 kB " );
147147 }
148148 }
149149 return null ;
@@ -180,18 +180,15 @@ public char[] loadPassword(RepositorySystemSession session, byte[] fingerprint)
180180 .resolve (socketLocationPath )
181181 .toAbsolutePath ();
182182 }
183- String pw = load (fingerprint , socketLocationPath );
184- if (pw != null ) {
185- return pw .toCharArray ();
186- }
183+ return load (fingerprint , socketLocationPath );
187184 } catch (SocketException e ) {
188185 // try next location
189186 }
190187 }
191188 return null ;
192189 }
193190
194- private String load (byte [] fingerprint , Path socketPath ) throws IOException {
191+ private char [] load (byte [] fingerprint , Path socketPath ) throws IOException {
195192 try (AFUNIXSocket sock = AFUNIXSocket .newInstance ()) {
196193 sock .connect (AFUNIXSocketAddress .of (socketPath ));
197194 try (BufferedReader in = new BufferedReader (new InputStreamReader (sock .getInputStream ()));
@@ -224,11 +221,7 @@ private String load(byte[] fingerprint, Path socketPath) throws IOException {
224221 + "+to+use+it+for+signing+Maven+Artifacts\n " ;
225222 os .write ((instruction ).getBytes ());
226223 os .flush ();
227- String pw = mayExpectOK (in );
228- if (pw != null ) {
229- return new String (Hex .decode (pw .trim ()));
230- }
231- return null ;
224+ return mayExpectOK (in );
232225 }
233226 }
234227 }
@@ -240,14 +233,16 @@ private void expectOK(BufferedReader in) throws IOException {
240233 }
241234 }
242235
243- private String mayExpectOK (BufferedReader in ) throws IOException {
236+ private char [] mayExpectOK (BufferedReader in ) throws IOException {
244237 String response = in .readLine ();
245238 if (response .startsWith ("ERR" )) {
246239 return null ;
247240 } else if (!response .startsWith ("OK" )) {
248241 throw new IOException ("Expected OK/ERR but got this instead: " + response );
249242 }
250- return response .substring (Math .min (response .length (), 3 ));
243+ return new String (Hex .decode (
244+ response .substring (Math .min (response .length (), 3 )).trim ()))
245+ .toCharArray ();
251246 }
252247 }
253248
@@ -359,6 +354,9 @@ public void prepare() throws MojoFailureException {
359354 this .secretKey = secretKey ;
360355 this .privateKey = secretKey .extractPrivateKey (
361356 new BcPBESecretKeyDecryptorBuilder (new BcPGPDigestCalculatorProvider ()).build (keyPassword ));
357+ if (keyPassword != null ) {
358+ Arrays .fill (keyPassword , ' ' );
359+ }
362360 PGPSignatureSubpacketGenerator subPacketGenerator = new PGPSignatureSubpacketGenerator ();
363361 subPacketGenerator .setIssuerFingerprint (false , secretKey );
364362 this .hashSubPackets = subPacketGenerator .generate ();
0 commit comments